Amendments to the Claims 

1 Claim 1 (currently amended): A security container that secures a document component by 

2 encapsulating, within the security container, an encrypted version of the document component, aa 

3 encrypted version of conditional logic for controUing operations on the document component, and 

4 key distribution information usable for controUing access to the document component , wherein: 

5 the encrypted version of the document component and the encrypted version of the 

6 conditional logic are both encrypted using a first kev; 

7 the key distribution information comprises at least one key element: and 

8 each key element comprises (i) an identification of a user, a user group, a process, or a 

9 process group that is authorized to access the document component; and (ii) an encrypted version 

10 of the first key, wherein the encrypted version of the first key is encrypted using a second key that 

11 is usable by the identified user, user group, process, or process group for decrypting the encrypted 

12 version of the first key, thereby enabling that user, user group, process, or process group to 

13 obtain the first key and use it for decrypting the document component and the conditional logic . 

1 Claim 2 (original): The security container according to Claim 1, wherein the security container 

2 secures a portion of a higher-level document. 

1 Claim 3 (original): The security container according to Claim 2, wherein the higher-level 

2 document has more than one portion secured by security containers. 
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2 comprising the step of encapsulating, within a security container, an encrypted version of a 

3 document component, an encrypted version of conditional logic for controlling operations on the 

4 document component, and key distribution information usable for controUing access to the 

5 document component , wherein: 

6 the encrypted version of the document component and the encrypted version of the 

7 conditional logic are both encrypted using a first key; 

8 the key distribution information comprises at least one kev element: and 

9 each key element comprises (i) an identification of a user, a group of users, a process, or 

10 group of a processes that is authorized to access the document component: and (ii^ an encrypted 

11 version of the first key, wherein the encrypted version of the first key is encrypted using a second 

12 key that is usable by the identified user, user group, process, or process group for decrypting the 

13 encrypted version of the first key, thereby enabling that user, group of users, process, or groups 

14 of processes to obtain the first key and use it for decrypting the document component and the 

15 conditional logic . 

Claim 5 (canceled) 

1 Claim 6 (currently amended): The method according to Claim [[5]] 4, wherein the first key 

2 distribution information f urth e r comprises a symmetric ke y that e ncrypted both th e document 

3 component and the conditional logic that are encapsulated within the security container, wherein 

4 the symmetric key is stored in an encrypted fomi for decryption by the authorized users and/or 

5 processes. 
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1 Claim 7 (currently amended): The method according to Claim 6, wherein the second key 

2 comprises, for each of the key elements, the e nciypted form of th e symm e tric k e y compris e s a 

3 separate version of th e key for each distinct us e r, proc e ss, group of us e rs, or group of proc e ss e s, 

4 wherein the separate v e rsion has b ee n e ncrypt e d with a public key associated with the identified 

5 coiTcsponding distinct u ser, process, group of users, or group of processes. 

Claim 8 (canceled) 

1 Claim 9 (original): The method according to Claim 4, wherein the conditional logic fiirther 

2 controls access to the document component. 

1 Claim 10 (original): The method according to Claim 9, wherein the key distribution information 

2 fiirther controls access to the conditional logic. 

Claim 1 1 (canceled) 

1 Claim 12 (original): The method according to Claim 4, wherein the security container is encoded 

2 in structured document format. 

1 Claim 13 (original): The method according to Claim 12, wherein the structured document format 

2 is Extensible Markup Language ("XML") format. 

Serial No. 10/632,156 -11- RSW920030063US1 



Claim 14 (canceled) 



1 Claim 15 (currently amended): The method according to Claim [[14]] 4, wherein at least one of 

2 the key elements identifies a group of users and wherein the users in the group the members are 

3 determined dynamically, upon receiving a request to access to the document component. 

1 Claim 16 (currently amended): The method according to Claim 15, wherein the dynamic 

2 determination fiirther comprises accessing a repository where the m e mb e rs o f users in the group 

3 are identified. 

1 Claim 17 (currently amended): The method according to Claim 4, further comprising the steps of: 

2 receiving, from a requester, a request to access the document component; 

3 programmaticaUy determining, using the key distribution information, whether the 

4 requester is authorized to access the document component by determining whether, in any 

5 selected one of the key elements, the requester is the identified user or the identified process or is 

6 a member of the identified group of users or the identified group of processes, and if so. 

7 performing steps of 

8 decrypting the encrypted version of the first key from the selected one of the key 

9 elements using the second key usable by that requester, thereby obtaining the first key; 

10 decrypting the encrypted version of the conditional logic using the first key, 

11 thereby obtaining the conditional logic; 
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12 decrypting the encrypted version of the document component using the first key. 

1 3 thereby obtaitiitig the document component ; and 

1 4 programmatically evaluating, using the conditional logic, whether the request can 

15 be grante d; and , when th e programmatically d e t e rmining st e p has a positiv e r e sult, and 

1 6 rejecting the request when the programmatically determining step has a negative result. 

1 Claim 18 (original): The method according to Claim 17, wherein the conditional logic evaluates 

2 at least one of: an identity of the requester; a device used by the requester; a context of the 

3 requester; a zone of an application used by the requester; a user profile of the requester; and a 

4 target destination of the request. 

1 Claim 19 (currently amended): A computer program product for securing document content 

2 using security containers, the computer program product embodied on one or more computer- 

3 readable media and comprising: 

4 computer-readable program code [[means]] for receiving, from a requester, a request to 

5 access document content, wherein the document content is encapsulated as an encrypted version 

6 of a document component within a security container along with an encrypted version of 

7 conditional logic for controlling operations on the document component and key distribution 

8 information usable for controlling access to the document component , wherein: 

9 the encrypted version of the document component and the encrypted version of the 

10 conditional logic are both encrypted using a first key; 

11 the key distribution information comprises at least one key element; and 
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12 each key element comprises (i) an identification of a user, a group of users, a 

13 process, or group of a processes that is authorized to access the document component; and (ii) an 

14 encrypted version of the first key, wherein the encrypted version of the first key is encrypted using 

15 a second key that is usable by the identified user, user group, process, or process group for 

1 6 decrypting the encrypted version of the first key, thereby enabling that user, group of users. 

17 process, or groups of processes to obtain the first key and use it for decrypting the document 

18 component and the conditional logic : 

1 9 computer-readable program code [[means]] for programmaticaUy determining, using the 
2 0 key distribution information, whether the requester is authorized to access the document 

2 1 component by determining whether, in any selected one of the key elements, the requester is the 

22 identified user or the identified process or is a member of the identified group of users or of the 
2 3 identified group of processes, and if so. performing steps of: 

2 4 decrypting the encrypted version of the first key fi'om the selected one of the key 

2 5 elements using the second key usable by that requester, thereby obtaining the first key: 
2 6 decrypting the encrypted version of the conditional logic using the first key. 

2 7 thereby obtaining the conditional logic: 

2 8 decrypting the encrypted version of the document component using the first key. 

2 9 thereby obtaining the document component : and 

3 0 comput e r-r e adabl e program cod e m e ans for p rogrammaticaUy evaluating, using the 

3 1 conditional logic, whether the request can be granted ; and , when operation of the computer- 

32 readable program code means for programmaticaUy detemiining yields a positive result, and 
3 3 computer-readable program code for rejecting the request when operation of the 

Serial No. 10/632,156 -14- RSW920030063US1 



34 
35 



computer-readable program code [[means]] for programmatically deternuning yields a negative 
result. 



1 Claim 20 (currently amended): A system for securing document content using security 

2 containers, comprising: 

3 a security container that encapsulates an encrypted version of a document component, an 

4 encrypted version of conditional logic for controlling operations on the document component, and 

5 key distribution information usable for controlling access to the document component , wherein: 

6 the encrypted version of the document component and the encrypted version of the 

7 conditional logic are both encrypted using a first kev: 

8 the key distribution information comprises at least one kev element; and 

9 each key element comprises (i) an identification of a user, a group of users, a 

10 process, or group of a processes that is authorized to access the document component: and (ii) an 

11 encrypted version of the first key, wherein the encrypted version of the first key is encrypted using 

12 a second key that is usable by the identified user, user group, process, or process group for 

13 decrypting the encrypted version of the first key, thereby enabling that user, group of users. 

14 process, or groups of processes to obtain the first key and use it for decrypting the document 

15 component and the conditional logic : 

1 6 means for receiving, fi-om a requester, a request to access the document component; 

1 7 means for programmatically determining, using the key distribution information, whether 

1 8 the requester is authorized to access the document component by determining whether, in any 

19 selected one of the key elements, the requester is the identified user or the identified process or is 
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2 0 a member of the identified group of users or of the identified group of processes, and if so. 

21 performing steps of: 

22 decrypting the encrypted version of the first key fi'om the selected one of the key 

23 elements using the second key usable by that requester, thereby obtaining the first key; 

24 decrypting the encrypted version of the conditional logic using the first key. 

2 5 thereby obtaining the conditional logic; 

2 6 decrypting the encrypted version of the document component using the first key. 

2 7 thereby obtaining the document component ; and 

2 8 m e ans for p rogrammatically evaluating, using the conditional logic, whether the 

2 9 request can be granted ; and , wh e n op e ration of th e m e ans for programmatically d e t e rmining 

30 yi e lds a positiv e result, and 

3 1 means for rejecting the request when operation of the means for programmatically 

3 2 deterrnining yields a negative result. 

1 Claim 21 (original): The system according to Claim 20, wherein the security container is 

2 embedded within a document. 

1 Claim 22 (original): The system according to Claim 20, wherein the security container 

2 encapsulates the document component on a system clipboard. 

1 Claim 23 (original): The system according to Claim 20, wherein the security container is placed 

2 on a user interface. 
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1 Claim 24 (original): The system according to Claim 20, wherein the security container 

2 encapsulates the document component for exchange using interprocess communications. 

1 Claim 25 (original): The system according to Claim 20, wherein the security container 

2 encapsulates the document component for exchange using a messaging system. 

1 Claim 26 (original): The system according to Claim 20, further comprising means for copying the 

2 document component to a target destination, wherein the means for copying copies the entire 

3 security container in order to copy the document component. 

Claims 27 - 32 (canceled) 
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